The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section. Furthermore, all embodiments are not necessarily intended to solve all or even any of the problems brought forward in this section.
A System-on-Chip (SoC) platform typically comprises at least one embedded Central Processing Unit (CPU) and at least one embedded functional unit (also called an IP block in the jargon of those of ordinary skill in the art), which may be a memory (for instance of the eSRAM type), a Memory Management Unit (MMU), and/or at least one register. The components of the SoC are typically interconnected through an internal bus matrix.
In operation, the SoC platform may have to manipulate sensitive data, for instance cryptographic secret keys or unencrypted (clear-text) secrets such as passwords. To prevent unauthorized access to and/or corruption of this sensitive data, the architecture of the SoC platform may be split into two physically and functionally separated environments: a secure environment for manipulating sensitive data and a public environment for processing non-sensitive data. The secure environment notably comprises one or more dedicated secure memories and/or one or more secure hardware registers to store sensitive data, whereas the public environment may include its own dedicated memories and/or hardware registers to store public data.
This separation is for example implemented by Advanced RISC Machine (ARM) SoC platforms with security extensions, for example the TrustZone technology. A clear frontier between these two environments may be implemented with hardware (HW) and/or software (SW) mechanisms embedded in the processor, in the bus matrix, and in the IPs themselves. This frontier ensures that secure data within the secure environment cannot be accessed by any public component belonging to the public environment. This is typically the case in the active modes of operation of the platform, wherein memories, IPs and processors are kept powered on or in retention. However, some modes of operation are available wherein one or more of the secure components can be powered off, meaning that at least some of their contents have to be saved before entering such a mode and restored after leaving it. Such modes may be provided in order to optimize the power strategy of the chip and reduce leakage power consumption.
A dedicated persistent secure memory, included in the secure environment, may be used to securely store the sensitive data present in the secure environment before switching from an active mode to an energy-saving mode (low-power mode). However, there may be cases where not enough secure memory space is available to save all secure contents. Consequently, in such cases, it may be necessary to store sensitive data outside the secure environment, for example in non-secure storage. It is desirable that such storage be performed both efficiently and securely, that is, without exposing the sensitive data or allowing it to be corrupted while it resides outside the secure environment.
Storing such data also affects the delay to switch from one mode to another.
One issue with switching from an active mode to a low-power mode is therefore linked to performance and to integration within the operating system (OS). Indeed, this switch may require a non-negligible amount of time, because sensitive information has to be saved to, stored in, and restored from memory.
As the power driver, usually running in the public environment, is isolated from the secure environment, the decision whether or not to enter a low-power mode is made without any knowledge of the estimated time needed to save and restore the sensitive data.
This lack of knowledge can be quite significant for the global power policy and can directly affect the efficiency of that policy.
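The save-and-restore path described above (evicting secure contents to non-secure storage efficiently and securely, and the switch-time cost this adds) is illustrated by the following added example. It is not part of this application and is not the method the application claims: it is a stand-alone model written here in Go, using AES-256-GCM from the Go standard library in place of whatever hardware cipher a real SoC would use. It assumes that a wrapping key in a retained secure register and a small anti-rollback counter in the persistent secure memory survive the low-power mode; SecureRetained, Blob, SaveContext and RestoreContext are hypothetical names chosen for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// SecureRetained is what the secure environment is assumed to keep across the
// low-power mode: a wrapping key in a retained register and an anti-rollback
// counter in the small persistent secure memory. (Assumption of this example.)
type SecureRetained struct {
	WrapKey [32]byte // AES-256 key; never leaves the secure environment
	Counter uint64   // monotonic save counter, authenticated with every blob
}

// Blob is what lands in non-secure memory: a fresh nonce and the AES-GCM
// ciphertext with its authentication tag.
type Blob struct {
	Nonce  []byte
	Sealed []byte
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

func newAEAD(key [32]byte) cipher.AEAD {
	block, err := aes.NewCipher(key[:]) // cannot fail: key length fixed by type
	must(err)
	g, err := cipher.NewGCM(block)
	must(err)
	return g
}

// assocData binds a blob to one counter value, so a blob from an earlier save
// no longer authenticates once a newer save has taken place.
func assocData(counter uint64) []byte {
	buf := make([]byte, 8)
	binary.BigEndian.PutUint64(buf, counter)
	return append([]byte("secure-ctx-v1:"), buf...)
}

// SaveContext seals the secure context for storage outside the secure
// environment; the counter is bumped first, so the blob is valid for one
// generation only.
func SaveContext(s *SecureRetained, ctx []byte) (Blob, error) {
	g := newAEAD(s.WrapKey)
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Blob{}, err
	}
	s.Counter++
	return Blob{Nonce: nonce, Sealed: g.Seal(nil, nonce, ctx, assocData(s.Counter))}, nil
}

// RestoreContext verifies and decrypts a blob read back from non-secure
// memory; a modified blob or one from an earlier save is rejected before any
// plaintext is exposed.
func RestoreContext(s *SecureRetained, b Blob) ([]byte, error) {
	g := newAEAD(s.WrapKey)
	ctx, err := g.Open(nil, b.Nonce, b.Sealed, assocData(s.Counter))
	if err != nil {
		return nil, errors.New("context blob rejected: modified, stale or replayed")
	}
	return ctx, nil
}

func main() {
	// Constructed sample: a random wrapping key and a stand-in for the secure
	// keys and register snapshot that must be evicted before power-off.
	s := &SecureRetained{}
	_, err := rand.Read(s.WrapKey[:])
	must(err)
	ctx := []byte("constructed: session key + register snapshot")
	start := time.Now()
	blob, err := SaveContext(s, ctx) // would be written to non-secure RAM
	must(err)
	got, err := RestoreContext(s, blob) // read back on wake-up
	must(err)
	// This duration is the cost a public-side power driver cannot see by itself.
	fmt.Printf("round trip ok=%v, save+restore took %v\n", string(got) == string(ctx), time.Since(start))
	tampered := blob // one bit flipped while the blob sat in non-secure RAM
	tampered.Sealed = append([]byte(nil), blob.Sealed...)
	tampered.Sealed[10] ^= 0x01
	_, err = RestoreContext(s, tampered)
	fmt.Println("tampered blob:", err)
	_, err = SaveContext(s, ctx) // a newer save takes place
	must(err)
	_, err = RestoreContext(s, blob) // the older blob is replayed
	fmt.Println("replayed blob:", err)
}
```

Confidentiality alone is not enough once the blob lives where the public environment can write to it: the authentication tag catches modification, and binding the secure-side counter into the associated data rejects an older but validly sealed blob. The round-trip time printed by main is exactly the save/restore cost that a power driver running in the public environment cannot observe on its own.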
Thus, embodiments of the present invention aim at solving at least some of the following problems:
    ensuring that the power driver is able to decide whether or not to enter a low-power mode according to an efficient strategy;
    avoiding that this efficiency comes at a significant cost in code footprint or performance.